From ef331ccc8168482139a5c0413cf588bb8b6b3744 Mon Sep 17 00:00:00 2001 From: Michael Kaufmann Date: Thu, 21 Feb 2019 12:54:53 +0100 Subject: [PATCH] Add setting to specify domain aliases for the froxlor-vhost (and add them to the SAN list of let's encrypt certificates if enabled) Signed-off-by: Michael Kaufmann --- actions/admin/settings/122.froxlorvhost.php | 10 ++++++++++ install/froxlor.sql | 3 ++- install/updates/froxlor/0.10/update_0.10.inc.php | 9 +++++++++ lib/Froxlor/Cron/Http/Apache.php | 15 +++++++++++++++ lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php | 10 ++++++++++ lib/Froxlor/Cron/Http/Nginx.php | 14 +++++++++++++- lib/Froxlor/Froxlor.php | 2 +- lng/english.lng.php | 2 ++ lng/german.lng.php | 2 ++ 9 files changed, 64 insertions(+), 3 deletions(-) diff --git a/actions/admin/settings/122.froxlorvhost.php b/actions/admin/settings/122.froxlorvhost.php index 1e84ab67..14911922 100644 --- a/actions/admin/settings/122.froxlorvhost.php +++ b/actions/admin/settings/122.froxlorvhost.php @@ -30,6 +30,16 @@ return array( 'default' => false, 'save_method' => 'storeSettingField' ), + 'system_froxloraliases' => array( + 'label' => $lng['serversettings']['froxloraliases'], + 'settinggroup' => 'system', + 'varname' => 'froxloraliases', + 'type' => 'string', + 'string_regexp' => '/^(([a-z0-9\-\._]+, ?)*[a-z0-9\-\._]+)?$/i', + 'string_emptyallowed' => true, + 'default' => '', + 'save_method' => 'storeSettingField' + ), /** * SSL / Let's Encrypt */ diff --git a/install/froxlor.sql b/install/froxlor.sql index 2029f98a..ce613015 100644 --- a/install/froxlor.sql +++ b/install/froxlor.sql @@ -645,6 +645,7 @@ opcache.interned_strings_buffer'), ('system', 'dhparams_file', ''), ('system', 'errorlog_level', 'warn'), ('system', 'leecc', '0'), + ('system', 'froxloraliases', ''), ('api', 'enabled', '0'), ('2fa', 'enabled', '1'), ('panel', 'decimal_places', '4'), @@ -680,7 +681,7 @@ opcache.interned_strings_buffer'), ('panel', 'customer_hide_options', ''), ('panel', 'is_configured', '0'), ('panel', 'version', '0.10.0'), - ('panel', 'db_version', '201902170'); + ('panel', 'db_version', '201902210'); DROP TABLE IF EXISTS `panel_tasks`; diff --git a/install/updates/froxlor/0.10/update_0.10.inc.php b/install/updates/froxlor/0.10/update_0.10.inc.php index 1719a24f..b63c0b89 100644 --- a/install/updates/froxlor/0.10/update_0.10.inc.php +++ b/install/updates/froxlor/0.10/update_0.10.inc.php @@ -224,3 +224,12 @@ if (\Froxlor\Froxlor::isDatabaseVersion('201902120')) { \Froxlor\Froxlor::updateToDbVersion('201902170'); } + +if (\Froxlor\Froxlor::isDatabaseVersion('201902170')) { + + showUpdateStep("Adding new froxlor vhost domain alias setting"); + Settings::AddNew('system.froxloraliases', ""); + lastStepStatus(0); + + \Froxlor\Froxlor::updateToDbVersion('201902210'); +} diff --git a/lib/Froxlor/Cron/Http/Apache.php b/lib/Froxlor/Cron/Http/Apache.php index f29fda52..eb319458 100644 --- a/lib/Froxlor/Cron/Http/Apache.php +++ b/lib/Froxlor/Cron/Http/Apache.php @@ -201,6 +201,21 @@ class Apache extends HttpConfigBase if ($row_ipsandports['vhostcontainer_servername_statement'] == '1') { $this->virtualhosts_data[$vhosts_filename] .= ' ServerName ' . Settings::Get('system.hostname') . "\n"; + + $froxlor_aliases = Settings::Get('system.froxloraliases'); + if (!empty($froxlor_aliases)) { + $froxlor_aliases = explode(",", $froxlor_aliases); + $aliases = ""; + foreach ($froxlor_aliases as $falias) { + if (\Froxlor\Validate\Validate::validateDomain($falias)) { + $aliases = trim($falias) . " "; + } + } + $aliases = trim($aliases); + if (!empty($aliases)) { + $this->virtualhosts_data[$vhosts_filename] .= ' ServerAlias ' . $aliases . "\n"; + } + } } $is_redirect = false; diff --git a/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php b/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php index 9e262fa2..a7fa61e8 100644 --- a/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php +++ b/lib/Froxlor/Cron/Http/LetsEncrypt/AcmeSh.php @@ -173,6 +173,16 @@ class AcmeSh extends \Froxlor\Cron\FroxlorCron $certrow['domain'] ); + $froxlor_aliases = Settings::Get('system.froxloraliases'); + if (!empty($froxlor_aliases)) { + $froxlor_aliases = explode(",", $froxlor_aliases); + foreach ($froxlor_aliases as $falias) { + if (\Froxlor\Validate\Validate::validateDomain($falias)) { + $domains[] = trim($falias); + } + } + } + // Only renew let's encrypt certificate if no broken ssl_redirect is enabled // - this temp. deactivation of the ssl-redirect is handled by the webserver-cronjob if ($cert_mode == 'renew') { diff --git a/lib/Froxlor/Cron/Http/Nginx.php b/lib/Froxlor/Cron/Http/Nginx.php index eca3e4da..d5aa77ff 100644 --- a/lib/Froxlor/Cron/Http/Nginx.php +++ b/lib/Froxlor/Cron/Http/Nginx.php @@ -224,7 +224,19 @@ class Nginx extends HttpConfigBase $this->nginx_data[$vhost_filename] .= "\t" . 'listen ' . $ip . ':' . $port . ' default_server' . ($ssl_vhost == true ? ' ssl' : '') . ($http2 == true ? ' http2' : '') . ';' . "\n"; $this->nginx_data[$vhost_filename] .= "\t" . '# Froxlor default vhost' . "\n"; - $this->nginx_data[$vhost_filename] .= "\t" . 'server_name ' . Settings::Get('system.hostname') . ';' . "\n"; + + $aliases = ""; + $froxlor_aliases = Settings::Get('system.froxloraliases'); + if (!empty($froxlor_aliases)) { + $froxlor_aliases = explode(",", $froxlor_aliases); + foreach ($froxlor_aliases as $falias) { + if (\Froxlor\Validate\Validate::validateDomain($falias)) { + $aliases = trim($falias) . " "; + } + } + $aliases = " " . trim($aliases); + } + $this->nginx_data[$vhost_filename] .= "\t" . 'server_name ' . Settings::Get('system.hostname') . $aliases . ';' . "\n"; $this->nginx_data[$vhost_filename] .= "\t" . 'access_log /var/log/nginx/access.log;' . "\n"; if (Settings::Get('system.use_ssl') == '1' && Settings::Get('system.leenabled') == '1' && Settings::Get('system.le_froxlor_enabled') == '1') { diff --git a/lib/Froxlor/Froxlor.php b/lib/Froxlor/Froxlor.php index 7e0bb70d..4a5c3d09 100644 --- a/lib/Froxlor/Froxlor.php +++ b/lib/Froxlor/Froxlor.php @@ -10,7 +10,7 @@ final class Froxlor const VERSION = '0.10.0'; // Database version (YYYYMMDDC where C is a daily counter) - const DBVERSION = '201902170'; + const DBVERSION = '201902210'; // Distribution branding-tag (used for Debian etc.) const BRANDING = ''; diff --git a/lng/english.lng.php b/lng/english.lng.php index 0ef2efda..45bced52 100644 --- a/lng/english.lng.php +++ b/lng/english.lng.php @@ -2056,3 +2056,5 @@ $lng['serversettings']['errorlog_level']['title'] = 'Error log-level'; $lng['serversettings']['errorlog_level']['description'] = 'Specify the error log level. Default is "warn" for apache-users and "error" for nginx-users.'; $lng['serversettings']['letsencryptecc']['title'] = "Issue ECC / ECDSA certificate"; $lng['serversettings']['letsencryptecc']['description'] = "If set to a valid key-size the certificate issued will use ECC / ECDSA"; +$lng['serversettings']['froxloraliases']['title'] = "Domain aliases for froxlor vhost"; +$lng['serversettings']['froxloraliases']['description'] = "Comma separated list of domains to add as server alias to the froxlor vhost"; diff --git a/lng/german.lng.php b/lng/german.lng.php index 0730e292..551ff001 100644 --- a/lng/german.lng.php +++ b/lng/german.lng.php @@ -1703,3 +1703,5 @@ $lng['serversettings']['errorlog_level']['title'] = 'Ausführlichkeit des Fehler $lng['serversettings']['errorlog_level']['description'] = 'Steuert die Ausführlichkeit des Fehlerprotokolls. Voreinstellung ist "warn" bei Apache und "error" bei Nginx.'; $lng['serversettings']['letsencryptecc']['title'] = "ECC / ECDSA Zertifikate ausstellen"; $lng['serversettings']['letsencryptecc']['description'] = "Wenn eine Schlüsselgröße ausgewählt wird, werden ECC / ECDSA Zertifikate erstellt"; +$lng['serversettings']['froxloraliases']['title'] = "Domain Aliase für Froxlor Vhost"; +$lng['serversettings']['froxloraliases']['description'] = "Komma getrennte Liste von Domains, welche als Server Alias zum Froxlor Vhost hinzugefügt werden";